ABSTRACT

In this thesis the Calculus of Constructions is used to
formalise a constructive proof of the Church-Rosser theorem for
λ-calculus. The original proof of Martin-Löf and Tait is used for
the present purpose. The proof is formalised for λ-calculus with
de Bruijn notation, in which the variable occurrence is replaced
by a number denoting the depth of the occurrence from the binding
λ. This notation removes the need for the α-reduction. The proof
consists in showing that a special reduction called walks, in
which the reductions are performed in an inside-first manner,
allows the diamond property, and then showing that the diamond
property of the walks relation implies the diamond property of the
usual reduction.
Chapter 1
Introduction


In the current thesis we shall use the Calculus of
Constructions to provide a constructive proof of the Church-Rosser
theorem for λ-calculus. The Church-Rosser theorem states that if a
λ-term X reduces to λ-terms Y and Z then there exists a λ-term W
such that Y and Z reduce to it. The Church-Rosser theorem assures
the uniqueness of the normal form. The proof is formalised for
λ-calculus with de Bruijn notation. The formalised proof script is
presented in the appendix.

The λ-calculus was originally conceived by Church as part of a
general theory of functions and logic, intended as a foundation
for mathematics. Although the full system turned out to be
inconsistent, the subsystem dealing only with functions turned out
to be a successful model of computation. Instead of trying to
model the logic formulae by pure λ-terms, which gave Church an
inconsistent system, one can model the proof terms of logic by
typed λ-terms, which gives a consistent system. The Calculus of
Constructions (abbreviated COC hereafter) [CH88] follows this
paradigm and has emerged as an elegant presentation of
constructive logic. The proof theoretic strength of the system is
not yet completely understood. The inherent structure of the
λ-calculus for this purpose is higher order impredicative
λ-calculus with dependent types.

The COC is interesting to computer science since it presents
the proofs-as-programs paradigm in a clear light. When we identify
the types with the propositions, the resulting proof terms can be
seen as the programs which realise their types in Kleene's sense
of realisability for intuitionistic logic.
The Church-Rosser theorem is a celebrated mathematical result about
λ-calculus. It implies the consistency of the λ-calculus as a
rewrite rule system. It has taken more than thirty years for the
evolution of a clear proof of Church-Rosser. Most of the early
proofs are either incomplete or defective. The current study
presents a machine checking of the proof by Martin-Löf and Tait.
Martin-Löf's proof for λ-calculus with standard notation is
presented in the appendix of [HS72]. In the current study the
λ-calculus is formulated in de Bruijn notation. This notation
assumes importance in the machine implementations of λ-calculus.
The de Bruijn notation does away with the α-reduction. But the
proof gets more complex with the properties of de Bruijn indices.
The whole proof as presented in [HS72] is tailored for de Bruijn
indices and the proof is machine checked in COC. The machine
checked proof script is presented in appendix B. The
implementation of COC used for the current study is COC V4.10,
developed at INRIA.

A mechanical proof for Church-Rosser in Boyer-Moore logic is
presented in [Sh88]. The Boyer-Moore logic is completely different
from COC in content and philosophy. Boyer-Moore's is a
quantifier-free first order logic. The language is a form of
Pure Lisp. The terms of Boyer-Moore are either variables or of the
form (FN t1 ... tn), where FN is an n-ary function and t1 ... tn
are terms. The COC is a higher order impredicative intuitionistic
logic.

The following sections of the current chapter present a brief
survey of literature on COC. The second chapter presents an
informal proof on the lines of [HS72]. Chapter three is a
rigorous formulation of the proof with de Bruijn notation. This
chapter can also be seen as an English translation of the machine
checked proof script which is added as appendix B. Chapter 4
briefly summarises our experience with the system of COC. Appendix
A is an example session of the system V4.10.

1 COC from λ-calculus point of view

COC can also be viewed in terms of Barendregt's Generalised
Type Systems (GTS) [BH90], which clearly shows the place of this
formalism amongst such ones. This view also shows that COC is the
most general amongst such systems.

In this section we present COC from the λ-calculus point of
view. We describe Barendregt's Generalised Type System (GTS), a
single uniform presentation of the forest of λ-calculus systems,
and show the place where the COC nicely fits in GTS.

1.1 Definition (i) (Terms of GTS): The set T of terms of a GTS is
defined by

    T ::= V | C | T T | λV:T.T | ΠV:T.T

where C is the set of constants and V is the set of variables.
(ii) (Statement): A statement of a GTS is of the form M : A with
M, A ∈ T. M is called the term and A is called its type.

(iii) A context is a finite linearly ordered sequence of
statements with distinct variables as terms.

1.2 Definition: A specification of a GTS is a triple (S, A, R) such
that

- S ⊆ C; the elements of S are called sorts.

- A is the set of statements of the form c : s with c ∈ C and
s ∈ S. The elements of A are called axioms.

- R is the set of pairs of the form (s1, s2) with s1 and s2 ∈ S.
The elements of R are called rules.
1.3 Definition (GTS): Given a specification of a GTS,
G = (S, A, R), the corresponding λ-calculus system derives the
statements relative to a context Γ. The rules (s1, s2) ∈ R determine
which abstractions are allowed.

(Axiom)            ⊢ c : s                        if (c : s) ∈ A

(Start)            Γ ⊢ A : s
                   -----------------              if s ∈ S and x is fresh
                   Γ, x:A ⊢ x : A

(Weakening)        Γ ⊢ B : C     Γ ⊢ A : s
                   -------------------------      if s ∈ S and x is fresh
                   Γ, x:A ⊢ B : C

(Π-elimination)    Γ ⊢ F : (Πx:A.B)     Γ ⊢ a : A
                   --------------------------------
                   Γ ⊢ (F a) : [a/x]B

(Π-formation)      Γ ⊢ A : s1     Γ, x:A ⊢ B : s2
                   --------------------------------   if (s1, s2) ∈ R
                   Γ ⊢ (Πx:A.B) : s2

(Π-introduction)   Γ ⊢ A : s1     Γ, x:A ⊢ B : s2     Γ, x:A ⊢ b : B
                   ---------------------------------------------------   if (s1, s2) ∈ R
                   Γ ⊢ (λx:A.b) : (Πx:A.B)

(Conversion)       Γ ⊢ A : B     Γ ⊢ B' : s
                   --------------------------     if s ∈ S and B =β B'
                   Γ ⊢ A : B'
For various GTS specifications we get different λ-calculus
systems. The calculus of constructions is a λ-calculus system with
sorts S = {*, □}, axioms A = {(* : □)} and rules R = {(*, *), (*, □),
(□, *), (□, □)}. The rule (*, *) ∈ R gives the system the elements
dependent on elements, (□, *) ∈ R gives the polymorphic types,
(*, □) ∈ R gives the types dependent on elements and (□, □) ∈ R gives
the types dependent on types. The COC is thus an impredicative
higher order typed λ-calculus with dependent types. Without the
rule (*, □) ∈ R we get the system Fω of Girard. Thus the COC is a
conservative extension of system Fω. The relation of COC with
seven other common λ-calculus systems can be shown as a cube
called the λ-cube.

[Figure: λ-cube]

For all the eight systems the sorts and axioms are common,
i.e. S = {*, □} and A = {(* : □)}. The rules are as follows:

(1) λ→ (simply typed λ-calculus): R = {(*, *)}

(2) λ2 (System F): R = {(*, *), (□, *)}

(3) λω̲: R = {(*, *), (□, □)}

(4) λω (System Fω): R = {(*, *), (□, *), (□, □)}

(5) λP (LF): R = {(*, *), (*, □)}

(6) λP2: R = {(*, *), (□, *), (*, □)}

(7) λPω̲: R = {(*, *), (□, □), (*, □)}

(8) λPω (COC): R = {(*, *), (□, *), (□, □), (*, □)}

Thus the COC or λPω is the most general among the possible
systems. The system λP is given that name because predicate logic
is interpreted in it. The approach followed for this
interpretation is called the propositions-as-types paradigm and is
the basis of several languages like AUTOMATH [dB80], NUPRL [Co86],
LF [Ha87].

In all the above systems the terms of * are called types and
the terms of □ are called kinds.

2 COC from logic point of view

In the previous section we have seen that COC is an
impredicative higher-order λ-calculus with dependent types. By
identifying * with Prop, the set of all logic propositions, we get
an impredicative higher order minimal intuitionistic logic. This is
the pure Calculus of Constructions as presented in [CH88]. Here we
try to model the syntactic behavior of logic by λ-calculus
β-reduction. In this framework the types are identified with the
formulae and the λ-terms with the proofs. Instead of directly
identifying the types with the propositions, another way of
viewing this is that the type corresponding to a proposition is the
type of proofs of the proposition. The logic thus becomes the
expression of the fact that a proposition is true if and only
if its corresponding type of proof is inhabited.

In [Cq89] Coquand calls the types of the previous section small
types and the kinds of the previous section big types. Only the small
types correspond to the formulae of logic. The big types are the
types of formulae and higher order predicates. Both the small and
big types can be used as individual types. We have both the
calculus of functions (when we consider types as individual types)
and the calculus of logic (when we consider the types as the types of
proofs) in a single framework. Of course there is some confusion
of understanding between the two.

We have terms of all levels. The terms of a level are the types
of the terms of a lower level.

The terms of the 0th level are proof terms. The terms of level
1 are the small types or the formulae of logic. Only these are
called types by Barendregt [BH90]. The terms of level 2 are the
types of terms of level 1 and are called big types by
Coquand [Cq89] and kinds by Barendregt [BH90]. Here we are able to
form A→Prop, Prop→Prop, etc. The terms of level 3 are singleton.
This is □ of [BH90] and Type of [Cq90]. This is the type of all
types.

We are able to form four types of products:

(i) Product formation from small types to small types gives rise
to the concept of elements depending on elements, e.g. if A and B
are of type * the type A→B is also of type *. This is the arrow type
in λ-calculus and implication in logic.

(ii) The product formation from big types to small types gives
rise to the effect of polymorphism of the λ-calculus and second
order quantification of logic. For e.g. A:* ⊢ (A:*)(A→A) : *.
The type (A:*)(A→A) is the type of polymorphic identity in
λ-calculus. When we identify * with Prop in logic we have the
formula (A:Prop)(A→A) of type Prop. It is here we get an
impredicative system. The concept of defining an element of a set
by using the description of the same set is called
impredicativism. Here we are defining an element of Prop by
quantifying over Prop itself. The actual implementation of COC
V4.10 done by Huet [H89] contains an infinite number of
hierarchies. All the levels beyond level one are predicative while
the level one is impredicative. The impredicativity at two levels
gives rise to inconsistency of the system, as has been observed by
Girard [Cq86] for system U.

(iii) The product formation from a small type to a big type gives
the effect of element dependent types. For e.g. A ⊢ (x:A)* : □,
which is the type A→Prop, the type of predicates over A.

(iv) The product formation from a big type to a big type gives
the ability to use higher order quantification. For e.g. A, B ⊢
λ(A:Prop, B:Prop) (C:Prop)(A→B→C)→C. This is the connective
AND, which is of the type Prop→Prop→Prop. The connective AND is
generic in the sense that we can plug in any two propositions.

3 Implementation of COC

The implementation of COC which is used in the current study is
the version 4.10 written by Gerard Huet [H89], developed at INRIA,
France. This section briefly describes the proof description
language of this implementation, called mathematical vernacular,
developed by Gilles Dowek [Do89], the facility for inductive
definitions developed by Pauline [P89], and an automatic theorem
prover called Synthesis developed by Coquand [Cq89a].

3.1 Mathematical Vernacular

The purpose of the proof description language is to make the
language of COC as close as possible to the language in which
mathematical books are written. Each and every vernacular
statement is translated into the basic commands of the
constructive engine [H89] of COC. The fundamental vernacular which
is mainly made use of in the machine proof of Church-Rosser is
explained below.

In vernacular a variable is declared by

    Parameter <name of variable> <type>

The syntax for adding an axiom is

    Axiom <name> <statement>

The syntax for proving a new theorem is

    Theorem <name of theorem> <statement>
    Proof <proof of the theorem>

A new definition is added by the syntax

    Definition <name>=<body>

Local variables and hypotheses are added respectively by

    Variable <name> and
    Hypothesis <name> <statement>

There is a provision for splitting the proof into Sections,
Subsections and Chapters with the usual scoping rules.

3.2 Inductive definitions

Inductive definitions are the means of giving a complete
specification of a notion from the description of its
constructors. A macro command is available to the user which
generates the type introduction and elimination rules from the
specification. For e.g. the definition of sum type is given as

    Inductive Definition sum [A, B : Prop] : Prop
        = left : A->(sum A B)
        | right : B->(sum A B)

The system generates the following:

i) » (C ■») (A” C) (B“ C)~^C 
“ CHS < sum A B) IlH 
    left = ([a:A][C:*][f:A->C][g:B->C](f a)) : A->(sum A B)
    right = ([b:B][C:*][f:A->C][g:B->C](g b)) : B->(sum A B)

Two specifications in two different constructors introduce a
sum type between them, and in the same constructor introduce a
product type between them.

3.3 Tactics

The tactics theorem prover called Synthesis machine is
developed by Coquand [Cq89a]. The philosophy of the tactics is
goal directed proving, which is the reverse of natural
deduction. A tactic is a CAML function which when applied to a
goal reduces it to simpler subgoals. A tactical is a higher order
CAML function for combining tactics to build new tactics.
Different tactics are provided for different inference rules of
COC. The tactics which were found to be most useful in the
construction of the proof of Church-Rosser are:

(a) assumption tactic: This takes the proof of a goal from the
hypotheses context. This tactic corresponds to the rule start.

(b) intro tactic: This introduces the abstraction in the
proof. This corresponds to the Π-introduction rule.

(c) resolve tactic: This introduces an application in the proof
structure. The effect corresponds to the Π-elimination rule.

(d) change tactic: The effect of this tactic corresponds to the
conversion rule.

The basic tacticals which were found to be useful are:

    tac1 THEN tac2

This applies the tac2 tactic to all the new goals generated by
the tac1 tactic.

    REPEAT tac

This repeats the tactic tac till it fails.

A compound tactic called automatic, built from the above
tactics, was found to be very useful. This performs a series
of five successful resolutions with the lemmas added to
add_resolve_list, interspersed with assumptions, and fails if it
cannot complete the current goal.





Chapter 2

Informal Proof


1 Introduction to λ-calculus and de Bruijn notation

The λ-calculus is a type free theory about functions as
rules rather than graphs. It studies problems such as what
all can be computed and which computable processes are equivalent.
These computable processes are called λ-terms of the λ-calculus.
In our presentation the main relation between the λ-terms is
reduction, which is sufficient for the proof of Church-Rosser.

We begin by assuming that there is an infinite set V of
variables and a finite or infinite set C of constants. An atom is
a constant or a variable.

1.1 Definition (λ-terms): The set of λ-terms Λ is defined by

(i) Every atom is a λ-term.
(ii) If X and Y are λ-terms then (X Y) is a λ-term.
(iii) If Y is a λ-term and x is a variable then λx.Y is a λ-term.

Examples of λ-terms are (λx.(λy.(x y))) and ((λx.x) (λx.(x y))).

1.2 Definition (Free and Bound variables): An occurrence of a
variable x in Y is bound iff it is inside a part of Y of the form
λx.M, otherwise it is free.

Substitution is the process of replacing all the free
occurrences of a variable in a term by another term.

1.3 Definition (Substitution): For any terms M, N and any variable
x, the result [N/x]M of substituting N for every free occurrence
of x in M is defined as follows by induction on the construction
of M:

(i) [N/x]x = N

(ii) [N/x]y = y for all atoms y ≠ x

(iii) [N/x](M1 M2) = (([N/x]M1) ([N/x]M2))

(iv) [N/x](λy.M) = λy.M if x = y
                 = λy.[N/x]M otherwise

To ensure that the substitution has the intended meaning, no
free variable occurrence in N can be allowed to become bound in
[N/x]M. For this we rename the bound variables as and when
needed. Two terms which are equivalent except for the renaming of
bound variables are called α-reducible to each other.

1.4 Definition (α-reduction): A term X goes to a term Y in an
α-step iff X and Y are identical except that the names used to
denote the occurrences of variables bound by a λ in X and the
corresponding λ in Y might differ uniformly.

The computation is actually done by a rule known as β-step. A
subterm of the form (λx.M)N is called a redex.

1.5 Definition (reduction): A term X goes to Y in a β-step iff a
subterm (λx.M)N of X is replaced by [N/x]M to obtain the term Y. A
term X reduces to a term Y iff Y is obtained from X by a finite
(perhaps empty) series of β-steps and α-steps. This is denoted as
X >-» Y.

Hence the β-reduce relation is the reflexive transitive closure
of the β-step relation.

e.g. (λx.(λy.(y x))) v >-» [v/x](λy.(y x)) = (λy.(y v))

1.6 de Bruijn Notation

With the previous notation for λ-terms we have to take care
of renaming of bound variables in the reduction process at every
β-step. With the notation developed by de Bruijn in [dB72] for the
implementation of Automath, two terms which are α-equal are always
syntactically identical. In this notation a variable occurrence
in a λ-term is represented by an integer denoting the depth from
the binding λ. We also do away with the tagging of the name of the
variable with λ in the abstraction. If there are n λs during the
parsing between the binding λ and the occurrence of the variable, that
place of the variable is represented by n+1.

For e.g. (λx.(λy.(x (λz.z)))) is represented in de Bruijn notation
as (λ (λ (2 (λ 1)))).

If, corresponding to a variable occurrence represented by n in
a subterm M, there is no nth closest surrounding λ, then that
variable occurrence is free in M. For e.g. the underlined variable
occurrences are free in ((λ (_2_ (λ (2 2)))) (λ (_4_ 1))).

During the β-reduction of the redex (M N) the free variables
of both M and N are affected. Consider M = (λ (_2_ (λ (λ 3))))
and N = (λ _2_), the underlined variable occurrences being free.
Consider (M N) as the subterm of X = (λ (M N)). The free variables
of M and N are referencing the outermost λ in X. When we reduce
the redex (M N) in a naive fashion we get X = λ (2 (λ (λ (λ 2)))).
This is wrong, since now the free variables in M
and N are not referencing the outermost λ in X. The free variables
of M and N have to be properly modified. All the free variables of
M have to be decremented by one, since a λ is being destroyed in M.
All the free variables of N have to be incremented by one as we
traverse a λ recursively in M during the substitution, since an
extra λ is going to be added to the front of N. So the correct
result is X = λ (1 (λ (λ (λ 4)))).

Since variables do not have names there is no need for
renaming bound variables during the substitution. The de Bruijn
notation assumes importance in the computer implementation of
λ-calculus and functional programming languages. One distinction
with the standard notation is that if M is the subterm of X, the
order in which the free variable occurrences in M become bound in
X is fixed regardless of X. So it is helpful to think of terms as
always being subterms of some other bigger terms.

The λ-term with the de Bruijn notation can be formally
defined as follows:

1.7 Definition (λ-terms with the de Bruijn notation): The set Λ of
λ-terms is defined by

    Λ = ∪ (n ≥ 0) Λ^n

where Λ^n are the sets generated by the inductive rules

    k ∈ Λ^n        if 1 ≤ k ≤ n       (variables)
    λN ∈ Λ^n       if N ∈ Λ^(n+1)     (abstraction)
    (M N) ∈ Λ^n    if M, N ∈ Λ^n      (application)

The closed terms are the terms in Λ^0. A detailed discussion
of λ-calculus with this notation can be found in the appendix of
[Ba80] and in [dB72].



2 Church-Rosser Theorem

    For all X, Y, Z, if X >-» Y and X >-» Z
    then there exists a W such that Y >-» W and Z >-» W.

[Figure: diamond diagram with X at the top and W at the bottom]

The statement of the theorem can be shown as in the above
figure, and that is why it is also called the diamond lemma. The term X
is called the source of the diamond. Another way of stating this
theorem is:

    All λ-terms can be the sources of diamonds.

The Church-Rosser theorem assures the uniqueness of the normal
form, i.e. all reduction paths do terminate at the same term if at
all they terminate.

3 Walks relation

In this section we introduce another relation between two
λ-terms called the walks relation. The proof of Church-Rosser consists
in finding a simple relation which has the diamond property such that
the reduction relation is the transitive closure of this new relation.
The first trial would be to consider β-step as this new relation,
since we already know that reduction is the transitive closure of
β-step. But a single β-step relation does not have the diamond
property. A counter example can illustrate this case. Consider
X = ((λx.(x x)) ((λy.y) a)), Y = ((λx.(x x)) a) and
Z = (((λy.y) a) ((λy.y) a)). We have that X reduces to Y and Z in a
single β-step. But now we cannot find a W such that Y and Z reduce
to it in a single β-step.

Martin-Löf and Tait consider a relation consisting of a
number of β-steps such that inner redexes are always contracted
before the outer redexes. They call it special reduction, and
[Sh88] calls it walks. It is observed that this special
reduction has the diamond property and that usual reduction is the
transitive closure of this relation.

3.1 Definition (Residual)

Let U be a term containing β-redexes P, Q such that Q does
not contain P. Let U' be the result of contracting Q in U. If P, Q
are non-overlapping, the residual of P in U' is P itself. If P = Q
there will not be any residual of P in U'. If Q is a part of P and
P = (λy.M)N, then contraction of Q leaves (λy.M')N or (λy.M)N', which
is the residual of P in U'.

3.2 Definition (Special reduction or walk)

Consider R1 ... Rn as redexes of X. Contract any Ri which
contains no other Rj. This leaves n-1 residuals
R1' ... R(i-1)', R(i+1)' ... Rn'. Contract any Rj' which contains no
other Rk'. This process is continued till no residuals are left. Then X
is said to specially reduce or walk to the resulting Y.

4 The main proof and lemmas involved

In this section we give an informal proof of Church-Rosser
for the standard notation of λ-calculus. The proof for de Bruijn
notation needs a few more lemmas regarding the incrementing of free
variables and substitution. A rigorous proof with this notation is
given in the next chapter, which is nothing but an English
translation of the machine checked proof. The proof involves three
steps: (i) showing that walks follows the diamond property, (ii)
showing that the reflexive transitive closure of walks, called
n-walks, follows the diamond property, (iii) showing that the diamond
property of n-walks implies the diamond property of the reduce
relation.

Step (i): The statement we need to prove is: If X walks to Y and
Z then there exists a W such that Y and Z walk to W. The proof
is by induction on the structure of X.
Case 1 (X is an atom): By definition Y and Z are also the same
atom X. Choosing W = X we have Y and Z walk to W.
Case 2 (X = λx.M): By definition there exist My, Mz such that
Y = λx.My, Z = λx.Mz and M walks to My and Mz. From the induction
hypothesis for M we have Mw such that My and Mz walk to it.
Choosing W = λx.Mw will satisfy the requirements.
Case 3 (X = (M N)): There arise four cases depending on whether X
is a redex and, if so, whether it is the last redex to be β-reduced
in the walk to Y and Z. We consider here the case of X being a
redex and in both the walks to Y and Z it is the last redex to be
β-reduced. The other three cases are dealt with in the rigorous proof
of the next chapter.

We have X = ((λx.A) N), Y = [Ny/x]Ay, Z = [Nz/x]Az such that A and N
walk to Ay, Az and Ny, Nz. By the induction hypotheses for A and N
we have Aw, Nw such that Ay, Az walk to Aw and Ny, Nz walk to Nw.
Choosing [Nw/x]Aw will satisfy our requirements, given the
following lemma.
Lemma (Substitutivity of walks): If Ay walks to Aw and Ny walks to
Nw then [Ny/x]Ay walks to [Nw/x]Aw. The proof of the lemma is by
induction on the structure of Ay and needs the following lemma.

Lemma (sbst-sbst): [N/x][Z/y]M = [([N/x]Z)/y]([N/x]M)

The proof of this lemma is by induction on the structure of
the term M. With the de Bruijn notation the proof of this lemma
demands a few more lemmas like incr-abst, incr-incr etc., which are
explained and proved in the next chapter. The machine proof of the
main theorem is contained in the Chapter walk-diamond of the machine
proof.

Step (ii): The proof that n-walks, the reflexive and transitive
closure of walks, follows the diamond property involves induction
on the length of the walk chain. This proof is shown in the machine
proof as Chapter transitivity.

Step (iii): The proof that the diamond property of n-walks implies the
diamond property of the reduce relation consists of showing that a
single walk can be considered as a series of β-steps and that a
β-step can be considered as a single walk step. The proofs of these
results are contained in Chapter c-r of the machine proof.
Chapter 3

Proof formalised in COC


In the previous chapter the proof of Church-Rosser for
standard notation is presented in an informal manner. In this
chapter the formal and rigorous proof for Church-Rosser is
presented. The proof of this chapter is intended to be more or
less an English translation of the machine checked proof which is
added as appendix B to this thesis. That is why the proof contains
somewhat different notation from the standard literature. For
example a statement z = [y/1]x of standard literature is written as
sbst(x, 1, y, z) in the current chapter, which is actually represented
in COC as (sbst x 1 y z). Throughout the chapter the variables
which are not explicitly bound in the statements of the lemmas and
theorems are understood to be universally quantified.

A constructive proof of Church-Rosser formalised in
Boyer-Moore logic is presented in [Sh88]. We have followed this
work closely to provide our proof in COC.

Section 1 gives the basic formulation of λ-calculus as
has been done for the machine proof. Section 2 gives some
lemmas regarding the operations of incr_free_var and sbst.
Incr_free_var is the operation of incrementing the de Bruijn
indices of the free variables of a term, and sbst is the operation
of substitution of a term in another term for some variable. Most
of the lemmas of this section are not needed for the standard notation
of λ-calculus. Hence these are absent in the standard literature.
Section 3 presents the lemma of substitutivity of walks.
Section 4 contains the proof that walk allows the diamond
property. Section 5 gives the proof that the reflexive transitive
closure of the walks relation allows the diamond property. Section
6 gives the proof of Church-Rosser.



1 Formulation of the basic theory of λ-calculus

In this section the basic theory of λ-calculus which is
needed for the proof of Church-Rosser is presented. We define the
λ-terms and subterms. The operations of incrementing the free
variables and substitution are explained. Then we define the
β-step and walk relations and their reflexive transitive
closure. All the definitions closely resemble their
counterparts in the machine proof. For example, the application
of the predicate sbst : term->nat->term->term->Prop to x, y, z and w
is represented as sbst(x, y, z, w), while in the machine proof it is
represented as (sbst x y z w). This is done for the readability of
the proof.

1.1 Definition λ-terms

A type const of constants is assumed to exist. The type nat
of natural numbers is defined inductively by the constructors zero
and successor. The type term of λ-terms is defined in the machine
proof as

    Inductive Definition term : Data =
        constant : const->term
      | variable : nat->term
      | lamda : term->term
      | apply : term->term->term

For an element c of type const, constant(c) is a term. For a
natural number v, variable(v) is a term. For terms t1 and t2,
lamda(t1) and apply(t1, t2) are terms. The symbol Pred stands for
the predecessor function.

From here onwards the exact syntax of the definitions as in
the machine proof is not given. Only an English equivalent of the
definitions is given. The machine proof is presented in
appendix B. We use the same names for predicates, types, functions
and theorems as has been done in the machine proof so that the
machine proof script is understandable.


1.2 Definition Sub_term

The formula sub_term(x, y) means that x is the sub_term of y.
The predicate sub_term : term->term->Prop is defined as follows:
(i) For all terms x, sub_term(x, x).

(ii) sub_term(x, m) iff sub_term(x, lamda(m)).

(iii) either sub_term(x, m1) or sub_term(x, m2)
iff sub_term(x, apply(m1, m2)).

1.3 Definition (Incr_free_var)

With de Bruijn notation, in the β-reduction of (λ X)Y the
free variables of Y are affected. For example we have X = λ 2 and
Y = 1. The term Y has a free variable which is bound by the nearest
surrounding λ. If we substitute Y in X for the first bound
variable in a naive fashion, the β-reduction gives us λ 1. But
this is wrong, since substitution resulted in a term which does not
have any more free variables. The free variable of Y got bound
in X during the substitution. The correct result of substitution is
λ 2. So during the substitution the free variables of Y have to
be incremented by one each time we recurse down a λ in the
structure of X.

The operation of incrementing the free variables of Y is
defined by induction on the structure of Y. This operation can be
defined as a two place function with the arguments the term and a
counter to keep track of the number of λs surrounding the subterm
under consideration. The formula incr_free_var(x, i, y) means that
the free variables of x are the variables which are bound beyond i
levels and these variables are incremented by one to get the term
y. The initial value of the counter has to be zero.

The predicate incr_free_var of the type
term->nat->term->Prop is defined recursively on the structure of
the term whose free variables are being incremented, as follows:

(a) If x = constant(c)
    then incr_free_var(x, i, y) iff y = constant(c)

(b) If x = variable(v) and i < v
    then incr_free_var(x, i, y) iff y = variable(S(v))

(c) If x = variable(v) and i ≥ v
    then incr_free_var(x, i, y) iff y = variable(v)

(d) If x = lamda(a)
    then incr_free_var(x, i, y) iff
    y = lamda(a1) and incr_free_var(a, S(i), a1)

(e) If x = apply(m1, n1)
    then incr_free_var(x, i, y) iff y = apply(m2, n2) and
    incr_free_var(m1, i, m2) and incr_free_var(n1, i, n2)

1.4 Definition Sbst :

During the β-reduction of (λ X)Y the free variables of X
are also affected, since the λ in λ X is lost in the course of
β-reduction. This would mean that there is one fewer λ surrounding
the free variables of X. For example, consider X = λ (3 (2 1)). Here
1 is the bound variable, 2 is the variable for replacement
during the β-reduction and 3 is the free variable. If we reduce in
a naive fashion we get λ (3 (Y 1)). But the correct result is
λ (2 (Y 1)). The free variable 3 has to be decremented by one
since a surrounding λ is lost. During the recursive definition of
substitution a counter is maintained to recognise the free
variable occurrences.

The formula sbst(x, y, z, w) means that y is the variable to be
replaced, all the variables less than y are bound in z, which are
to be kept as they are, all the variables greater than y are free,
which are to be decremented, and w is the result of substituting x
for the occurrence of y in z. The predicate sbst of type
term -> nat -> term -> term -> Prop is defined recursively on the
structure of the term in which the substitution is being performed
as follows:

(a) If z = constant(c) then
    sbst(x, y, z, w) iff w = constant(c)

(b) If z = variable(v) and y < v then
    sbst(x, y, z, w) iff w = variable(Pred(v))

(c) If z = variable(v) and y > v then
    sbst(x, y, z, w) iff w = variable(v)

(d) If z = variable(v) and y = v then
    sbst(x, y, z, w) iff w = x

(e) If z = lamda(a) then
    sbst(x, y, z, w) iff w = lamda(a'), incr_free_var(x, 0, x')
    and sbst(x', S(y), a, a')

(f) If z = apply(m1, n1) then
    sbst(x, y, z, w) iff w = apply(m2, n2), sbst(x, y, m1, m2) and
    sbst(x, y, n1, n2)

1.5 Definition b_step :

The formula b_step(x, y) means that y is got by β-reducing x
in a single step. The predicate b_step of the type term -> term -> Prop
is defined recursively on the structure of the term which is being
β-reduced as follows:

(a) If x = lamda(m) then
    b_step(x, y) iff y = lamda(m') and b_step(m, m')

(b) If x = apply(m, n) then
    b_step(x, y) iff either

    (i) y = apply(m1, n) and b_step(m, m1)
    or
    (ii) y = apply(m, n1) and b_step(n, n1)
    or
    (iii) m = lamda(a) and sbst(n, one, a, y)
1.6 Definition n_b_step

The relation n_b_step is the reflexive and transitive closure
of the relation b_step. The formula n_b_step(x, y, n) means that x
b-reduces to y in n b-steps. The predicate n_b_step of the type
term -> term -> nat -> Prop is recursively defined on the length of the
b_step chain as follows:

(a) Reflexivity over a single b_step:
    n_b_step(u, v, 0) iff u = v

(b) Transitivity over a single b_step:
    n_b_step(u, w, S(n)) iff n_b_step(u, v, n) and b_step(v, w)

1.7 Definition reduces :

A term x is said to reduce to y iff there exists a number n
such that n_b_step(x, y, n) holds.

1.8 Definition Walks :

The motivation for defining a special reduction walks has been
explained in Section 3 of Chapter 2. The proof of Church-Rosser
consists in showing that the reflexive transitive closure of the walks
relation allows the diamond property, and in showing that a b-step can
be seen as a walk and a walk can be seen as a series of
b-steps. The formula walks(x, y) means that x walks to y, or in other
words x transforms to y in a finite number of b-reductions
performed in an inside first manner.

The relation walks of type term -> term -> Prop is defined
recursively on the structure of the term which is being walked
from as follows:

(a) If x = constant(c) then
    walks(x, y) iff y = constant(c)

(b) If x = variable(v) then
    walks(x, y) iff y = variable(v)

(c) If x = lamda(m) then
    walks(x, y) iff y = lamda(m1) and walks(m, m1)

(d) If x = apply(m1, n1) then
    walks(x, y) iff either

    (i) y = apply(m2, n2), walks(m1, m2) and walks(n1, n2)
    or
    (ii) m1 = lamda(a1), m2 = lamda(a2), walks(m1, m2),
         walks(n1, n2) and sbst(n2, one, a2, y)


1.9 Definition n_walks :

n_walks is the reflexive transitive closure of the walks
relation. The formula n_walks(x, y, n) means that x walks to y in n
walk steps. The relation n_walks is defined recursively on the
length of the walk chain as follows:

(a) Reflexivity over the walks relation:
    n_walks(u, v, 0) iff u = v

(b) Transitivity over the walks relation:
    n_walks(u, w, S(n)) iff n_walks(u, v, n) and walks(v, w)

1.10 Induction schemas

We have the following two schemas of induction on the structure
of term:

    Axiom sub_term_induction : (∀x:term)(∀P:term->Prop)
        ((∀c:const) P(constant(c))) ->
        ((∀v:nat) P(variable(v))) ->
        ((∀m:term)((∀x:term) sub_term(x, m) -> P(x)) ->
            P(lamda(m))) ->
        ((∀m1:term)(∀m2:term)
            ((∀x:term) sub_term(x, m1) -> P(x)) ->
            ((∀y:term) sub_term(y, m2) -> P(y)) ->
            P(apply(m1, m2))) ->

    Axiom term_induction : (∀x:term)(∀P:term->Prop)
        ((∀c:const) P(constant(c))) ->
        ((∀v:nat) P(variable(v))) ->
        ((∀m:term) P(m) -> P(lamda(m))) ->
        ((∀m1:term)(∀m2:term) P(m1) -> P(m2) ->
            P(apply(m1, m2))) ->
        P(x)

The schema sub_term_induction is the stronger of the two in
the sense that term_induction can be derived from it and not vice
versa.

2 Some properties of incr_free_var and sbst :

This section presents some properties of incr_free_var and
sbst. In all the lemmas the cases which are stated to be
trivial actually result in absurdities. Anything can be proved
from absurdity. Hence the proofs are trivial.

(a) Lemma sbst_not_free_in :

This lemma says that if we increment the free variables of a
term bound beyond i levels then the term is free for the variable
of the S(i)th level. The statement of the lemma is:

    incr_free_var(y, i, y') -> sbst(x, S(i), y', w) -> (w = y)

Proof: The proof is by induction on the term y.

We have  incr_free_var(y, i, y')      (1)
         sbst(x, S(i), y', w)         (2)

We have to prove w = y.

Variable case: We have y = variable(v)      (3)

For v < i: The variable(v) in eq (1) is bound, so from the
definition of incr_free_var y' = variable(v). This variable is
once again bound in eq (2), so w = variable(v).

For v = i: The variable(v) is bound in eq (1), so
y' = variable(v). Once again this variable is bound in eq (2),
hence w = variable(v).

For v > i: The variable(v) is free in eq (1), so
y' = variable(v+1). Once again this variable is free in eq (2),
so from the definition of sbst w = variable(v).

Lambda case: We have y = lamda(m)      (4)

From the definition of incr_free_var for the lamda case and
eq (1) there exists m' such that

    y' = lamda(m'), incr_free_var(m, S(i), m')      (5)

From the definition of sbst and eq (2) there exist x' and m'' such
that

    incr_free_var(x, 0, x'), w = lamda(m''), sbst(x', S(S(i)), m', m'')      (6)

From the induction hypothesis and eq (5)&(6) we have m'' = m. Hence
w = lamda(m).

Apply case: We have y = apply(m1, m2). We have the appropriate
induction hypotheses for the terms m1 and m2. From eq (1) we
have

    y' = apply(m1', m2'), incr_free_var(m1, i, m1'),
    incr_free_var(m2, i, m2')      (7)

From eq (2)&(7)

    w = apply(m1'', m2''), sbst(x, S(i), m1', m1''),
    sbst(x, S(i), m2', m2'')      (8)

From the inductive hypotheses we have m1'' = m1 and m2'' = m2.
Hence w = apply(m1, m2).
(b) Incr_incr lemma

The lemma shows how the order of two incr_free_var can be
changed. The statement of the lemma is:

    le(j, i) ->
    incr_free_var(x, i, x1) -> incr_free_var(x1, j, x1') ->
    incr_free_var(x, j, x2) -> incr_free_var(x2, S(i), x1')

Proof: The lemma is proved by induction on the structure of the
term x. We have

    le(j, i)                      (1)
    incr_free_var(x, i, x1)       (2)
    incr_free_var(x1, j, x1')     (3)
    incr_free_var(x, j, x2)       (4)

We have to show incr_free_var(x2, S(i), x1').

Variable case: Different cases arise depending on the different
values of i and j.

For i < v, j < v: The variable v is free in eq (2). So
x1 = variable(S(v)). This variable is again free in eq (3). So
x1' = variable(v+2). The variable v in eq (4) is free and so
x2 = variable(S(v)). From the definition of incr_free_var we have
that incr_free_var(x2, S(i), x1') holds.

For i < v, j = v: This case is trivial.

For i < v, j > v: This case is trivial.

For i = v, j < v: In eq (2) the variable v is bound and so
x1 = variable(v). This variable is free in eq (3). So
x1' = variable(S(v)). In eq (4) the variable v is free and so
x2 = variable(S(v)). From the definition of incr_free_var we have
that incr_free_var(x2, S(i), x1') holds.

For i = v, j = v: In all the eq (2)-(4) the variables of
substitution are bound. So x1 = variable(v), x1' = variable(v),
x2 = variable(v). Hence incr_free_var(x2, S(i), x1') holds.

For i = v, j > v: This case is trivial.

For i > v, j < v: The variable v in eq (2) is bound, so
x1 = variable(v). This variable in eq (3) is free, so
x1' = variable(S(v)). In eq (4) the variable v is free, so
x2 = variable(S(v)). From the definition of incr_free_var it holds
that incr_free_var(x2, S(i), x1').

For i > v, j = v: In all the eq (2)-(4) the variable is bound, so
we have x1 = variable(v), x1' = variable(v) and x2 = variable(v).
Hence incr_free_var(x2, S(i), x1').

For i > v, j > v: This case is similar to the previous case.

Lambda case: Here we have x = lamda(m). From the inductive
hypothesis for m the proof is straightforward.

Apply case: The proof follows from the inductive hypotheses.

(c) Incr_sbst_lemma1 :

This lemma shows how incr_free_var distributes over
sbst. Without the restriction lt(i, j) the lemma can not be
proved.

    lt(i, j) -> sbst(x, j, y, w1) -> incr_free_var(w1, i, w2) ->
    incr_free_var(x, i, x') -> incr_free_var(y, i, y') ->
    sbst(x', S(j), y', w2)

Proof: This lemma is proved by induction on the structure of the
term y. We have

    lt(i, j)                      (1)
    sbst(x, j, y, w1)             (2)
    incr_free_var(w1, i, w2)      (3)
    incr_free_var(x, i, x')       (4)
    incr_free_var(y, i, y')       (5)

We have to prove that sbst(x', S(j), y', w2).

Variable case: We have y = variable(v). The various cases for
the different values of i, j are shown below.

For j < v, S(i) < v: The variable v in eq (2) is free, so w1 = Pred(v).
This variable in eq (3) is again free, so w2 = variable(v). The
variable v in eq (5) is also free, so y' = S(v). Hence we have
sbst(x', S(j), y', w2).

For j < v, S(i) = v: This case is trivial.

For j < v, S(i) > v: This case is also trivial.

For j = v, S(i) < v: The variable v is the actual variable for
substitution in eq (2), so w1 = x. So from eq (2)&(4) w2 = x'.
The variable in eq (3) is free, so y' = variable(S(v)). Hence
sbst(x', S(j), y', w2).

For j = v, S(i) = v: The situation is similar to the previous case.

For j = v, S(i) > v: This case is trivial.

For j > v, i < v: The variable v is bound in eq (2), so
w1 = variable(v). This variable is free in eq (3), so
w2 = variable(S(v)). The variable v is free in eq (5), so
y' = variable(S(v)). Hence sbst(x', S(j), y', w2).

For j > v, i = v: The variable v is bound in eq (2), so
w1 = variable(v). This variable is again bound in eq (3), so
w2 = variable(v). The variable v is bound in eq (5), so
y' = variable(v). Hence sbst(x', S(j), y', w2).

For j > v, i > v: The situation is similar to the previous case.

Lambda case: Here we have y = lamda(m). From eq (2) there exist
x0, m0 such that

    w1 = lamda(m0), incr_free_var(x, 0, x0), sbst(x0, S(j), m, m0)      (6)

From eq (3) there exists m1 such that

    w2 = lamda(m1) and incr_free_var(m0, S(i), m1)      (7)

From eq (5) there exists m2 such that

    y' = lamda(m2) and incr_free_var(m, S(i), m2)      (8)

We can find x0' such that

    incr_free_var(x', 0, x0')      (9)

From incr_incr_lemma and eqs (4), (6)&(9) we conclude
incr_free_var(x0, S(i), x0'). From the inductive hypothesis for m,
sbst(x0', S(S(j)), m2, m1). Hence from eqs (7), (8)&(9) we can
conclude that sbst(x', S(j), y', w2).

Apply case: We have y = apply(m1, m2). From eqs (2)-(5)
there exist m1', m1'', m1''', m2', m2'', m2''' such that

    w1 = apply(m1', m2'), sbst(x, j, m1, m1'), sbst(x, j, m2, m2')      (10)

    w2 = apply(m1'', m2''), incr_free_var(m1', i, m1''),
    incr_free_var(m2', i, m2'')      (11)

    y' = apply(m1''', m2'''), incr_free_var(m1, i, m1'''),
    incr_free_var(m2, i, m2''')      (12)

From the inductive hypotheses for m1 and m2 we can infer
sbst(x', S(j), m1''', m1'') and sbst(x', S(j), m2''', m2''). Hence from
the definition of sbst, sbst(x', S(j), y', w2).


(d) Incr_sbst_lemma2 :

This is again another distribution of incr_free_var over
sbst. The minor variation from incr_sbst_lemma1 is to be noticed
carefully.

    le(i, S(j)) -> sbst(m, i, a, w1) -> incr_free_var(w1, j, w2) ->
    incr_free_var(a, S(j), a') -> incr_free_var(m, j, m') ->
    sbst(m', i, a', w3) -> (w2 = w3)

Proof: The proof is by induction on the structure of the term
a. We have

    le(i, S(j))                    (1)
    sbst(m, i, a, w1)              (2)
    incr_free_var(w1, j, w2)       (3)
    incr_free_var(a, S(j), a')     (4)
    incr_free_var(m, j, m')        (5)
    sbst(m', i, a', w3)            (6)

Variable case: We have a = variable(v). The various cases arising
depending on various values of i and j are shown below:

For i < v, S(j) < v: The variable v is free in eq (2), so
w1 = variable(v-1). This variable is again free in eq (3), so
w2 = variable(v). The variable v in eq (4) is also free, so
a' = variable(v+1). This variable is also free in eq (6), so
w3 = variable(v). So w2 = w3.

For i < v, S(j) = v: The variable v is free in eq (2), so
w1 = variable(v-1). This variable is bound in eq (3), so
w2 = variable(v-1). The variable v is bound in eq (4), so
a' = variable(v). This variable is free in eq (6), so
w3 = variable(v-1). So w2 = w3.

For i < v, S(j) > v: The situation is very similar to the previous
case.

For i = v, S(j) < v: This case is trivial.

For i = v, S(j) = v: The variable v in eq (2) is the actual variable
to be replaced, so w1 = m and w2 = m'. The variable v is bound in
eq (4), so a' = variable(v). This variable in eq (6) is the actual
variable for substitution, so w3 = m'. Hence w2 = w3.

For i = v, S(j) > v: This case is similar to the previous one.

For i > v, S(j) < v: This case is trivial.

For i > v, S(j) = v: This case is also trivial.

For i > v, S(j) > v: The variable v in eq (2) is bound, so
w1 = variable(v). The j can be greater than or equal to v. So the
variable in eq (3) is bound, so w2 = variable(v). The variable v
is bound in eq (4), so a' = variable(v). This variable is again
bound in eq (6), so w3 = variable(v). Hence w2 = w3.

Lambda case: We have a = lamda(m). From the eqs there exist
m0, m0', m1, m1', m2, m2' such that

    w1 = lamda(m1), incr_free_var(m, 0, m0), sbst(m0, S(i), m, m1)        (7)

    w2 = lamda(m1'), incr_free_var(m1, S(j), m1')                         (8)

    a' = lamda(m2), incr_free_var(m, S(S(j)), m2)                         (9)

    w3 = lamda(m2'), incr_free_var(m', 0, m0'), sbst(m0', S(i), m2, m2')  (10)

From incr_incr_lemma and eq (5), (7), (10) we have

    incr_free_var(m0, S(j), m0')      (11)

From the inductive hypothesis for m we conclude that
m1' = m2'. Hence w2 = w3.

Apply case: Here we have a = apply(m1, m2). From the inductive
hypotheses for m1 and m2 the proof of this case is
straightforward.

(e) Lemma Incr_walk :

    incr_free_var(n1, i, n1') -> incr_free_var(n2, i, n2') ->
    walks(n1, n2) -> walks(n1', n2')

This lemma tells us how the walks relation behaves with
respect to incr_free_var. This lemma is needed in the proof of the
lambda case of sbst_lemma.

Proof: The lemma is proved by induction on the structure of the
term n1. We have

    incr_free_var(n1, i, n1')      (1)
    incr_free_var(n2, i, n2')      (2)
    walks(n1, n2)                  (3)

Variable case: Here we have n1 = variable(v). From eq (3)

    n2 = variable(v)      (4)

Three cases arise depending on the relation between i and v.

For i < v: The variable v is free in eq (1)&(2). So
n1' = variable(S(v)) and n2' = variable(S(v)). From the definition of
walks, n1' walks to n2'.

For i = v: The variable v is bound in eq (1)&(2). So
n1' = variable(v) and n2' = variable(v). From the definition of walks,
n1' walks to n2'.

For i > v: The case is very similar to the previous one.

Lambda case: Here n1 = lamda(m). From the inductive hypothesis for
the term m and the definition of walks the proof is obvious.

Apply case: Here we have n1 = apply(m1, m2). From eq (1) there
exist m1', m2' such that

    n1' = apply(m1', m2'), incr_free_var(m1, i, m1'),
    incr_free_var(m2, i, m2')      (5)

From the definition of walks two subcases arise:

Subcase (a): n2 = apply(m3, m4), walks(m1, m3), walks(m2, m4)      (6)

From eq (2)&(6) there exist m3', m4' such that

    n2' = apply(m3', m4'), incr_free_var(m3, i, m3'),
    incr_free_var(m4, i, m4')      (7)

From the inductive hypotheses for m1, m2 and eq (6)&(7),
walks(m1', m3') and walks(m2', m4'). Hence n1' walks to n2'.

Subcase (b): There exist a, a1, m3, m4 such that

    m1 = lamda(a), m3 = lamda(a1), walks(m1, m3), walks(m2, m4),
    sbst(m4, one, a1, n2)      (8)

We can find terms m3', m4', n2'', a1' such that

    incr_free_var(m3, i, m3')                            (9)
    incr_free_var(m4, i, m4')                            (10)
    m3' = lamda(a1'), incr_free_var(a1, S(i), a1')       (11)
    sbst(m4', one, a1', n2'')                            (12)

From the lemma incr_sbst_lemma2

    n2' = n2''      (13)

From the inductive hypothesis for m1, m2 we infer that

    walks(m1', m3'), walks(m2', m4')      (14)

From the definition of walks and eq (12)&(14),
walks(n1', n2''). Hence from eq (13) n1' walks to n2'.
(f) Sbst_sbst_lemma

This lemma shows how two successive sbst operations can be
exchanged. The restriction that j ≤ i is warranted in the proof of
the lemma.

    le(j, i) -> sbst(m2, j, m1, w1) -> sbst(n2, i, w1, w2) ->
    incr_free_var(n2, j-1, n2') -> sbst(n2', S(i), m1, m1') ->
    sbst(n2, i, m2, m2') -> sbst(m2', j, m1', w3) -> (w2 = w3)

When written in usual notation, for j ≤ i:

    [n2/i]([m2/j]m1) = [([n2/i]m2)/j]([n2'/S(i)]m1)

Proof: This lemma is proved by induction on the structure of
the term m1.

    le(j, i)                        (1)
    sbst(m2, j, m1, w1)             (2)
    sbst(n2, i, w1, w2)             (3)
    incr_free_var(n2, j-1, n2')     (4)
    sbst(n2', S(i), m1, m1')        (5)
    sbst(n2, i, m2, m2')            (6)
    sbst(m2', j, m1', w3)           (7)

Variable case: For different values of i, j the values of w2 and w3
are shown to be equal.

For j < v, i < v, S(i) < v: In eq (2) variable(v) is free, so
w1 = variable(v-1). This variable is free in eq (3), so
w2 = variable(v-2). In eq (5) the variable(v) is free, so we have
m1' = variable(v-1). When S(j) < v the variable(v-1) in eq (7) is
free, so w3 = variable(v-2). So w2 = w3. The case S(j) ≥ v is not
possible.

For j < v, i < v, S(i) = v: As in the previous case w1 = variable(v-1).
In eq (3) variable(v-1) is the variable for substitution. So
w2 = n2. In eq (5) the variable(v) is the variable for
substitution, so m1' = n2'. So from the lemma sbst_not_free and
eq (4)&(7) we have w3 = n2. Hence w2 = w3.

For j < v, i < v, S(i) > v: This case is trivial.

For j < v, i = v: In eq (2) the variable(v) is free, so
w1 = variable(v-1). In eq (3) this variable is bound, so
w2 = variable(v-1). In eq (5) the variable(v) is bound, so
m1' = variable(v). This variable is free in eq (7), so
w3 = variable(v-1). Hence w2 = w3.

For j < v, i > v: The situation is very similar to the previous case
and we have w2 = w3 = variable(v-1).

For j = v, i < v: This case is trivial.

For j = v, i = v: In eq (2) the variable(v) is the actual variable to
be replaced, so w1 = m2. So w2 = [n2/i]m2. In eq (5) the
variable(v) is bound, so m1' = variable(v). This variable is the
actual variable to be replaced in eq (7), and so w3 = m2', i.e.
w3 = [n2/i]m2. Hence w2 = w3.

For j = v, i > v: The situation is very much the same as the previous
case. We have w2 = w3 = [n2/i]m2.

For j > v, i < v: This case is trivial.

For j > v, i = v: This case is also trivial.

For j > v, i > v: In all the eq (2), (3), (5)&(7) the variable v
is bound. Hence w2 = w3 = variable(v).

Lambda case: Here we have m1 = lamda(m). The proof of this lemma
exemplifies the utility of a proof checker in complex proving. We
have the induction hypothesis that

    (m2, m1', m2', w1, w2, w3, n2, n2' : term)(i, j : nat)
    le(j, i) -> sbst(m2, j, m, w1) -> sbst(n2, i, w1, w2) ->
    incr_free_var(n2, j-1, n2') -> sbst(n2', S(i), m, m1') ->
    sbst(n2, i, m2, m2') -> sbst(m2', j, m1', w3) -> w3 = w2      (8)

From the definition of sbst and eq (2) there must exist
m21, w11 such that

    incr_free_var(m2, 0, m21)       (9)
    w1 = lamda(w11)                 (10)
    sbst(m21, S(j), m, w11)         (11)

From the definition of sbst and eq (3)&(10) there exist n21, w21
such that

    incr_free_var(n2, 0, n21)       (12)
    w2 = lamda(w21)                 (13)
    sbst(n21, S(i), w11, w21)       (14)

From the definition of sbst and eq (5) there exist n21', m12 such
that

    incr_free_var(n2', 0, n21')     (15)
    m1' = lamda(m12)                (16)
    sbst(n21', S(S(i)), m, m12)     (17)

From the definition of sbst and eq (7)&(16) there exist m22, w32
such that

    incr_free_var(m2', 0, m22)      (18)
    w3 = lamda(w32)                 (19)
    sbst(m22, S(j), m12, w32)       (20)

From the incr_incr_lemma and eq (4), (12)&(15) we have that

    incr_free_var(n21, j, n21')     (21)

From the incr_sbst_lemma1 and eq (6), (9), (12)&(18) we have that

    sbst(n21, S(i), m21, m22)       (22)

From the induction hypothesis (8) and eq (11), (14), (17), (20),
(21)

    w21 = w32                       (23)

From the eqs (13), (19)&(23) we have w2 = w3.

Apply case: Here we have m1 = apply(m3, m4). We also have the
appropriate induction hypotheses for the terms m3, m4. From the
definition of sbst and eq (2) there exist m3a, m4a such that

    w1 = apply(m3a, m4a)            (24)
    sbst(m2, j, m3, m3a)            (25)
    sbst(m2, j, m4, m4a)            (26)

From the definition of sbst and eq (3)&(24) there exist m3b, m4b
such that

    w2 = apply(m3b, m4b)            (27)
    sbst(n2, i, m3a, m3b)           (28)
    sbst(n2, i, m4a, m4b)           (29)

From the definition of sbst and eq (5) there exist m3c, m4c such
that

    m1' = apply(m3c, m4c)           (30)
    sbst(n2', S(i), m3, m3c)        (31)
    sbst(n2', S(i), m4, m4c)        (32)

From the definition of sbst and eq (7) there exist m3d, m4d such
that

    w3 = apply(m3d, m4d)            (33)
    sbst(m2', j, m3c, m3d)          (34)
    sbst(m2', j, m4c, m4d)          (35)

From the induction hypothesis for m3, m4 and eq (24)-(35) we have
that m3b = m3d and m4b = m4d. Hence w2 = w3.


3 Sbst_lemma : (Substitutivity of walks)

This lemma asserts that if a1 and n1 walk to a2 and n2
respectively, then the result of substituting n1 in a1 for i walks
to the result of substituting n2 in a2 for the same variable.

    walks(a1, a2) -> walks(n1, n2) -> sbst(n1, i, a1, w1) ->
    sbst(n2, i, a2, w2) -> walks(w1, w2)

This lemma is crucial for the proof that the walks relation
follows the diamond property.

Proof: This lemma is proved by induction on the structure of
term a1. Here we have

    walks(a1, a2)             (1)
    walks(n1, n2)             (2)
    sbst(n1, i, a1, w1)       (3)
    sbst(n2, i, a2, w2)       (4)

Variable case: Here we have a1 = variable(v). From the definition of
walks and eq (1) we have a2 = variable(v). Here three cases
arise depending on the relation between i and v.

For i < v: In eq (3)&(4) the variable v is free, so from the
definition of sbst we have w1 = Pred(v), w2 = Pred(v). So from
the definition of walks, w1 walks to w2.

For i = v: In both eq (3) and (4) the variable v is the actual
variable to be substituted. So from the definition of walks w1 = n1
and w2 = n2. From eq (2) w1 walks to w2.

For i > v: In both eq (3) and (4) the variable v is bound. So
from the definition of sbst w1 = variable(v) and w2 = variable(v).
Hence w1 walks to w2.

Lambda case: Here we have a1 = lamda(m). From the definition of walks
and eq (1) there exists m1 such that

    a2 = lamda(m1) and walks(m, m1)      (5)

From the definition of sbst and eq (3), (4)&(5)

    incr_free_var(n1, 0, n1'), w1 = lamda(w1'), sbst(n1', S(i), m, w1')      (6)

    incr_free_var(n2, 0, n2'), w2 = lamda(w2'), sbst(n2', S(i), m1, w2')     (7)

From the lemma incr_walk and eq (6)&(7)

    walks(n1', n2')      (8)

From the inductive hypothesis for m and eq (5), (7) we
infer walks(w1', w2'). Hence from eqs (6)&(7) walks(w1, w2).

Apply case: Here we have a1 = apply(m1, m2).

Here two cases arise from the definition of walks.

Subcase (a): There exist m3 and m4 such that

    a2 = apply(m3, m4), walks(m1, m3), walks(m2, m4)      (9)

From the definition of sbst and eq (3)&(4) there exist m1', m2',
m3', m4' such that

    w1 = apply(m1', m2'), sbst(n1, i, m1, m1'), sbst(n1, i, m2, m2')      (10)

    w2 = apply(m3', m4'), sbst(n2, i, m3, m3'), sbst(n2, i, m4, m4')      (11)

From the inductive hypotheses for m1 and m2 we infer that m1'
walks to m3' and m2' walks to m4'. Now from the definition of
walks, w1 walks to w2.

Subcase (b): There exist terms a, a1, m3, m4 such that

    m1 = lamda(a), m3 = lamda(a1), walks(a, a1), walks(m1, m3),
    walks(m2, m4), sbst(m4, one, a1, a2)      (12)

From eq (3) and the definition of sbst there exist m1', m2' such
that

    w1 = apply(m1', m2'), sbst(n1, i, m1, m1'), sbst(n1, i, m2, m2')      (13)

We can find terms n2', m4', a1', w' such that

    incr_free_var(n2, 0, n2')       (14)
    sbst(n2, i, m4, m4')            (15)
    sbst(n2', S(i), a1, a1')        (16)
    sbst(m4', one, a1', w')         (17)

From the eq (13), (17) and lemma sbst_sbst_lemma we can infer that
w' = w2. From the inductive hypotheses for m1, m2 we have

    walks(m1', lamda(a1')) and walks(m2', m4')      (18)

From the definition of walks and eq (17)&(18)

    walks(apply(m1', m2'), w')      (19)

Since w' = w2, from eq (19) we have walks(w1, w2).

4 Walhs follows diamond property (Theorem diamond_.walks ) 

In this section we prove that tie relation wall-s 
follows dianond property 1 1- e theorem diaiTond„wall'S reads as 

Cx t&T-rfO di.cmuDYid Cx!> 

It states that all limbda calculus terrrs can be the sources of 
diaiTonds Another forn of the staterrent is 

walkjscTx yJ> arid. \i)a.lksCx sJ> => 

3 (w t&r-YiO€u>a.lh£/€-i^ ^ MtalksCss 


Proof! The proof is by induction on the structure of the terrr < 

1 e the term which is being walked from We mal- e use of 

sub_terrr__induct ion instead of te riT_i nduc t ion The 

sub_teriT_induct ion is a stronger version of induction on the 
structure of the terrr The use of sub_„term_induction is actually 
necessitated in the case when o:apply(m n) rr=«larrda(m ) for some 
n n m and the last rede < /9_reduced in tie wait is apply(iT n) 
In this case if we had made use of terrr_induct J on we have the 
induction hypothesis only for the terrr m But we need a stranger 
induction hypothesis holding for the sub„term rr of m It is sure 
that we can prove that the term rr can become the source of a 
diamond if we have that rr is the source of a diamond and 
m=lamda<iT ) once we have wall'_diarrond But we are actually proving 
the diamond property itself and hence can not deduce that m can 
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he tie source of a dianond if n i one such So we need the 
sfron^ef ver<iion of induction 

We have waUs< y) and walt>s() ) (D 

Variable cas.e i. We lave t - variabletv; If walh to y an i 
frori the definition of waits we have that 

y »= variable(v) and - variafaleCv) (2) 

Choose w 15 vai lable(v) Froir the definition of walls and fron the 
eq(?) we have that bott y and wall to w 

Lambda c ise __ We have } = larrdaCrr) If < walls to y and frorr the 

lefinition of walls there mu t ei ist terirs it 1 and it2 such that 

y = larrda(iTl) ind wallslrn ml) (?) 

= lamdi(iT<i„) and walls(m mS) (4) 

Induction lypothesis says that all the sub_terns of it and n can 
be tl e sources of diamonds This rreans that it and n themselves can 
be the sources of the diarronds Frotr this and eq (3) and eq (4) 
it follows that there rrust e<ist a term m3 such that 

wi1Is(it1 it?) and wall5(mE ni3) 

Choo e w “ lamda(m3) Frorr the definition of wall 
eq (3) (4)&(5) we have that both y and z wall to w 

BlPFjLy case __ Here we lave ) =apply<m n) We have walls( y) 
walls(K ) Frorr the definition of walls there arise 

subcases dependinq on whether or not rr is an abstraction and 
IS whetler or not the rede< aFply(m n) is the last rede 
/a'-reduced in the wall 

Subcase (a) ApplyCrr n) is not the last rede to be ^-reduced in 
both the walls to y and From the definition of walls if x walls 
to y and then there must e<ist terms ml n1 mS n2 such that 


(b) 

and 


and 
four 
if it 
to be 


> = applyCrrl n1) and ~ aFply(m2 nH) (6) 

wall'3(iT rr 1 ) and waUsCn n1) (/) 

wall-3(rr it2) and wall-s(n n2) (8) 

We have the induction hypotheses that all subterirs of rr and n can 
be the ounces of diaironds This obviously rreans that the terms m 
and n can thenrselves be the sources of diaironds Frorr tl is 
conclusion and eq (7)&(a) there rrust e ist w1 and w2 such that 

wal h s (rr 1 w 1 ) and wait s (m£ w 1 ) (9) 

walhs(n1 w2) and walhs(n2 w2> (10) 

Now choose w = apply(w1 w2) Frorr eq (8) (9)t (10) and from thie 
definition of waU s we can onclude that y of the font 

apFlyCrrl n1) and of tie fortr aprly(nH n2) walls to w of tl e forn 
app] y ( w 1 w2 ) 

Subcase (b): apply(m n) is the last redex to be β-reduced in the walk to z while it is not in the walk to y. From the definition of walks, if x walks to y then there must exist terms m1 and n1 such that

y = apply(m1 n1), walks(m m1) and walks(n n1) (11)

From the definition of walks and eq (11) there must exist a term a1 such that

m1 = lamda(a1) and walks(a a1) (12)

From the definition of walks, if x walks to z then there must exist terms a a2 m2 n2 such that

m = lamda(a), m2 = lamda(a2), walks(a a2), walks(m m2), walks(n n2) and sbst(n2 one a2 z) (13)

From the induction hypotheses that all the sub-terms of m and n can be the sources of diamonds, the terms a, n can be the sources of diamonds. From this and eq (11), (12) & (13) there exist terms a3 n3 such that

walks(a1 a3) and walks(a2 a3) (14)

walks(n1 n3) and walks(n2 n3) (15)

Now choose a term w such that sbst(n3 one a3 w). From the definition of walks and eq (11), (12), (14) & (15) we conclude that the term y of the form apply(m1 n1) walks to the term w of the form [n3/1]a3. From the sbst_lemma (substitutivity of walks) and eq (13), (14), (15) we conclude that the term z of the form [n2/1]a2 walks to the term w of the form [n3/1]a3.

Subcase (c): apply(m n) is the last redex to be β-reduced in the walk to y while it is not in the walk to z. The proof is similar to the last case.

Subcase (d): apply(m n) is the last redex to be β-reduced in both the walks to y and z. From the definition of walks there must exist terms a a1 m1 n1 a0 a2 m2 n2 such that

m = lamda(a), m1 = lamda(a1), walks(a a1), walks(m m1), walks(n n1), sbst(n1 one a1 y) (16)

m = lamda(a0), m2 = lamda(a2), walks(a0 a2), walks(m m2), walks(n n2) and sbst(n2 one a2 z) (17)

Since m = lamda(a) = lamda(a0) we have a = a0. Hence walks(a a2) (18)

The induction hypotheses say that all the sub-terms of the terms m and n can be the sources of diamonds. The terms a and n can be sources of diamonds. From this and eq (16), eq (17), eq (18) we can conclude that there exist terms a3 n3 such that

walks(a1 a3) and walks(a2 a3) (19)

walks(n1 n3) and walks(n2 n3) (20)

Now choose a term w such that sbst(n3 one a3 w). From the sbst_lemma (substitutivity of walks), eq (16), eq (17), eq (18), eq (19), eq (20) we can infer that y of the form [n1/1]a1 and z of the form [n2/1]a2 walk to w of the form [n3/1]a3.

5 Reflexive Transitive Closure of Walks & Diamond Property :

The relation n_walks is the reflexive and transitive closure of the walks relation. The main result of the section is that n_walks also follows the diamond property. Before proving this we prove a small lemma.

5.1 Lemma m_one_diamond_one_m :

n_walks(x y n) -> walks(x z) -> ∃(w:term) (walks(y w) ∧ n_walks(z w n))

This lemma is a special case of the subsequent theorem in the sense that the length of the second walk chain is fixed at one. Hence the proof is not given.

5.2 Theorem trans_diamond :

n_walks(x y n1) -> n_walks(x z n2) -> ∃(w:term) (n_walks(y w n2) ∧ n_walks(z w n1))



The statement of this theorem can be shown by the diagram above.

Proof: The theorem is proved by a double induction on the lengths of walk chains from x to y and z, i.e. n1 and n2. We have

n_walks(x y n1) and n_walks(x z n2) (1)

Case 1: (zero_case) The lengths of walk chains are zero. If x walks to y and z in 0 steps, from the definition of n_walks for reflexive case

x = y and x = z (2)

Now choose w = x. Now from the definition of n_walks and eq (2) we know that n_walks(y w 0) and n_walks(z w 0).

Case 2: (ind1_case) We have the induction hypothesis that for some fixed n1 n2

(x y z:term) n_walks(x y n1) -> n_walks(x z n2) -> ∃(w:term) (n_walks(y w n2) ∧ n_walks(z w n1)) (3)

We are given that for a particular x

n_walks(x y S(n1)) and n_walks(x z n2) (4)

Now we have to exhibit a w such that y and z walk to it in n2 and S(n1) walk steps respectively. From eq (4) and the definition of n_walks for transitive case there must exist a term x1 such that

n_walks(x x1 n1) and walks(x1 y) (5)

From the induction hypothesis and eq (5) there exists a term w1 such that

n_walks(x1 w1 n2) and n_walks(z w1 n1) (6)

From eq (5) & (6) and m_one_diamond_one_m there exists a term w2 such that

n_walks(y w2 n2) and walks(w1 w2) (7)

Choose w = w2. From eq (6) & (7) and the definition of n_walks for transitive case we know that n_walks(y w n2) and n_walks(z w S(n1)).


Case 3: (ind2_case) The proof is similar to the previous case except that y and z, and n1 and n2, are interchanged.


Case 4: (ind3_case)

We have the induction hypothesis that for fixed n1 and n2

(x y z:term) n_walks(x y n1) -> n_walks(x z n2) -> ∃(w:term) (n_walks(y w n2) ∧ n_walks(z w n1)) (8)

We are given that for fixed x y z

n_walks(x y S(n1)) and n_walks(x z S(n2)) (9)

We have to exhibit a w such that y and z walk to it in S(n2) and S(n1) walk steps. From the definition of n_walks for transitive case and eq (9) there exist terms x1 x2 such that

n_walks(x x1 n1) and walks(x1 y) (10)

n_walks(x x2 n2) and walks(x2 z) (11)

From the induction hypothesis and eq (10) & (11) there exists w1 such that

n_walks(x1 w1 n2) and n_walks(x2 w1 n1) (12)

From the lemma m_one_diamond_one_m and eq (10) & (11) & (12) there exist w2 and w3 such that

n_walks(y w2 n2) and walks(w1 w2) (13)

n_walks(z w3 n1) and walks(w1 w3) (14)

From theorem diamond_walk and eq (13) & (14) there exists a term w4 such that

walks(w2 w4) and walks(w3 w4) (15)

Choose w = w4. Hence from the definition of n_walks for transitive case and eq (13), (14) & (15) we conclude that n_walks(y w S(n2)) and n_walks(z w S(n1)).


The whole construction of w can be shown in the above diagram.

6 Church-Rosser

The key of the proof lies in showing that a b-step can be represented as a walk and a walk can be represented as a series of b-steps. This actually amounts to saying that β-reduction can be seen as the reflexive transitive closure of the walks relation. We have already seen how a particular reflexive transitive closure relation of the walks relation, the n_walks relation, follows the diamond property.

6.1 Lemma b_step_to_walks :

b_step(u v) -> walks(u v)

Proof: From the definition of b_step, u can be an abstraction or an application. For a particular u and v we have

b_step(u v) (1)

Lambda case: Here we have u = lamda(m). From the definition of b_step there exists m1 such that v = lamda(m1) and b_step(m m1). From the definition of walks and inductive hypothesis for m we have walks(u v).

Apply case: Here we have u = apply(m1 m2) and appropriate inductive hypotheses for terms m1 and m2. From the definition of b_step three cases arise:

Subcase (a): Here m1 b_steps to n1. So we have

v = apply(n1 m2) and b_steps(m1 n1) (2)

From the inductive hypothesis and eq (2) we have

walks(m1 n1) and walks(m2 m2) (3)

Hence from the definition of walks we have walks(u v).

Subcase (b): Here m2 b_steps to n2. This case is similar to the previous one.

Subcase (c): Here we have m1 = lamda(a) and sbst(m2 one a v). From the definition of walks we have walks(u v).

6.2 Lemma n_b_steps_to_n_walks :

n_b_step(u v n) -> n_walks(u v n)

We know from the previous lemma that a b_step can be represented as a walk step. Current lemma says that a series of b_steps can be seen as an equal number of walk steps. Current lemma can be proved by the induction on the length of reduction chain and from the fact that n_walks and n_b_step are reflexive transitive closures of walks and b_step respectively.

6.3 Lemma abs_same_b_steps :

^ ^ TiJb_sterpClcuriida.CxD I cmuSotC v rO 
This lemma follows straightforwardly from the definition of n_b_step and induction on the length of reduction.

6.4 Lemma b_step_trans_add :

n_b_step(u v n1) -> n_b_step(v w n2) -> n_b_step(u w add(n1 n2))

This lemma can be proved by induction on either n1 or n2.

6.5 Lemma app_add_b_steps :

n_b_step(m1 m3 n1) -> n_b_step(m2 m4 n2) -> n_b_step(apply(m1 m2) apply(m3 m4) add(n1 n2))


Proof: This lemma is proved by double induction on n1 n2. We have

n_b_step(m1 m3 n1) and n_b_step(m2 m4 n2) (1)

Case 1: (Base case) When n1=0 n2=0 we have m1=m3 and m2=m4 from the definition of n_b_step. So apply(m1 m2) reduces in zero steps to apply(m3 m4).

Case 2: (Induction step for n1) We have

n_b_step(m1 m3 S(n1)) and n_b_step(m2 m4 n2) (2)

We also have the inductive hypothesis for n1 and n2. We have to prove that n_b_steps(apply(m1 m2) apply(m3 m4) add(S(n1) n2)) holds. From the definition of n_walks and (2) there exists m1 such that

O-b-Step (IT 1 rr 1 n1) and b_step(rr1 irS) (3) 

From the inductive hypothesis and eq (2) & (3) we know that

n_h_ tep(apply(rT 1 it2) apply(tTl it4) add(n1 nH) ) (4) 

From the definition of b_step and eq (3) we have

b_.step (ap ply(m 1 n4) apply(iT3 it4) ) (5) 

From the definition of n_b_step and (4) & (5) we have

n_b_step(apply(m1 m2) apply(m3 m4) S(add(n1 n2))) (6)

From this it is obvious that

n_b_step(apply(m1 m2) apply(m3 m4) add(S(n1) n2))

Case 3 & 4: These two cases are generalisations of the last case.

6.6 Lemma walks_to_b_steps :

walks(u v) -> ∃(n:nat) n_b_step(u v n)

This lemma says that a walk step can be represented as a series of b-steps. We have

walks(u v) (1)

Proof: The proof is by induction on the structure of the term u.

Variable case: Here we have u = variable(v0). From the definition of walks

v = variable(v0) (2)

From the definition of refl_b_step we conclude that the required n is zero.

Lambda case: Here we have u = lamda(m). The inductive hypothesis is

(v:term) walks(m v) -> ∃(n:nat) n_b_step(m v n) (3)

From the definition of walks there exists n1 such that

walks(m n1) and v = lamda(n1) (4)

From eq (3) & (4) there exists n such that n_b_step(m n1 n). From abs_same_b_steps, n_b_step(lamda(m) v n).

Apply case: We have u = apply(m1 m2). We have to exhibit an n such that n_b_step(apply(m1 m2) v n). We have the inductive hypotheses for m1 and m2 that

(v:term) walks(m1 v) -> ∃(n:nat) n_b_step(m1 v n) (5)

(v:term) walks(m2 v) -> ∃(n:nat) n_b_step(m2 v n) (6)

From the definition of walks two cases arise:

Subcase (a): There exist m3 m4 such that

walks(m1 m3) and walks(m2 m4)

From the inductive hypotheses there exist n1 n2 such that

n_b_step(m1 m3 n1) and n_b_step(m2 m4 n2)

From app_add_b_steps, add(n1 n2) is the required n.

Subcase (b): There exist a a1 m3 m4 such that

m1 = lamda(a), m3 = lamda(a1), walks(m1 m3), walks(m2 m4), sbst(m4 one a1 v) (9)

From the inductive hypotheses there exist n1 n2 such that

n_b_step(m1 m3 n1) and n_b_step(m2 m4 n2) (10)

From lemma app_add_b_steps and eq (10)

n_b_step(apply(m1 m2) apply(m3 m4) add(n1 n2)) (11)

From the definition of b_step and eq (9)

b_step(apply(m3 m4) v) (12)

From the definition of n_b_step and eq (11), (12) we infer n_b_step(apply(m1 m2) v S(add(n1 n2))) and so S(add(n1 n2)) is the required n.
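The diamond property of walks (Subcases (a) to (d) of the apply case) and lemma walks_to_b_steps can be checked on small terms. The following Python code is an added example, not part of the thesis or its COC proof script. It assumes the standard de Bruijn definitions of incr and sbst with indices counted from one, computes sbst as a function instead of a predicate, and the helper names diamond_holds and b_step_count and the sample term X are constructed for illustration.

```python
from itertools import product

# Terms in de Bruijn notation, indices counted from one as on the page.
def variable(k): return ("variable", k)
def lamda(m): return ("lamda", m)
def apply(m, n): return ("apply", m, n)

def incr(t, cutoff=1):
    """Raise every free index (>= cutoff) by one; used when a term moves under a binder."""
    if t[0] == "variable":
        return variable(t[1] + 1) if t[1] >= cutoff else t
    if t[0] == "lamda":
        return lamda(incr(t[1], cutoff + 1))
    return apply(incr(t[1], cutoff), incr(t[2], cutoff))

def sbst(n, k, a):
    """The w with sbst(n, k, a, w), i.e. [n/k]a (assumed standard definition)."""
    if a[0] == "variable":
        if a[1] == k:
            return n
        return variable(a[1] - 1) if a[1] > k else a
    if a[0] == "lamda":
        return lamda(sbst(incr(n), k + 1, a[1]))
    return apply(sbst(n, k, a[1]), sbst(n, k, a[2]))

def walks(t):
    """Set of all v with walks(t, v)."""
    if t[0] == "variable":
        return {t}
    if t[0] == "lamda":
        return {lamda(m1) for m1 in walks(t[1])}
    out = {apply(m1, n1) for m1, n1 in product(walks(t[1]), walks(t[2]))}
    if t[1][0] == "lamda":  # apply(lamda(a), n): this redex may be contracted last
        out |= {sbst(n1, 1, a1) for a1, n1 in product(walks(t[1][1]), walks(t[2]))}
    return out

def b_steps(t):
    """Set of all v with b_step(t, v): exactly one redex is contracted."""
    if t[0] == "variable":
        return set()
    if t[0] == "lamda":
        return {lamda(m1) for m1 in b_steps(t[1])}
    out = {apply(m1, t[2]) for m1 in b_steps(t[1])}
    out |= {apply(t[1], n1) for n1 in b_steps(t[2])}
    if t[1][0] == "lamda":
        out.add(sbst(t[2], 1, t[1][1]))
    return out

def diamond_holds(x):
    """True if every pair y, z with walks(x, y) and walks(x, z) has a common w."""
    return all(walks(y) & walks(z) for y, z in product(walks(x), repeat=2))

def b_step_count(u, v, limit=10):
    """Smallest n with n_b_step(u, v, n), or None if none is found within limit."""
    frontier = {u}
    for n in range(limit + 1):
        if v in frontier:
            return n
        frontier = {w for t in frontier for w in b_steps(t)}
    return None

# Constructed sample: X = apply(lamda(1 1), apply(lamda(1), 3)), with 3 a free index.
I = lamda(variable(1))
D = lamda(apply(variable(1), variable(1)))
ARG = apply(I, variable(3))
X = apply(D, ARG)

if __name__ == "__main__":
    print("diamond at X:", diamond_holds(X))
    for v in sorted(walks(X), key=repr):
        print(b_step_count(X, v), "b_steps reach", v)
```

On the sample, one walk from X reaches apply(3 3) by contracting the inner redex first and the outer redex last, which corresponds to two b_steps.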
6.7 Lemma n_walks_to_n_b_steps :

n_walks(u v n) -> ∃(m:nat) n_b_step(u v m)

The previous lemma showed how a single walk step can be seen as a number of b-steps. This lemma says that a walk chain can be seen as a series of b_steps. The proof is by induction on the length of the walk chain.

6.8 Theorem Church-Rosser

For all x y and z, reduces(x y) -> reduces(x z) ->

∃(w:term) reduces(y w) ∧ reduces(z w)

Proof: After unfolding the definition of reduces there exist n1 n2 such that

n_b_steps(x y n1) (1)

n_b_steps(x z n2) (2)

We have to exhibit a w such that y and z reduce to it. From lemma n_b_steps_to_n_walks we conclude that

n_walks(x y n1) (3)

n_walks(x z n2) (4)

From the lemma trans_diamond and eq (3) & (4) there must exist a w such that

n_walks(y w n2) and n_walks(z w n1) (5)

From the lemma n_walks_to_n_b_steps there must exist m1 m2 such that n_b_step(y w m1) and n_b_step(z w m2). Hence proved.



Chapter 4
Concluding Remarks


In this chapter we briefly mention the arguments for proof selecting, limitations of the present exercise, problems encountered with the system and the future work possible in this direction.

The de Bruijn notation is more suitable for computer implementations of λ-calculus. With this notation we do away with α-reduction. The present study stresses the fact that no essential part of λ-calculus is lost by switching to this notation.

The proof is presented in a goal directed manner. Goal directed proving is the reverse of natural deduction proving. In the natural deduction we start with the axioms and reduce them to the goal. In the goal directed proving we start with the goal and try to reduce the goal into smaller and smaller subgoals until all the subgoals are reduced to axioms.

In the present study we started with the main theorem of Church-Rosser as the goal. As we tried to reduce this goal into smaller and smaller subgoals we came to the realisation that we needed some more lemmas to proceed further. So these lemmas were taken as axioms at that point of time. These axioms were taken up later, which in turn demanded some more lemmas. For example consider the proof of the lemma that a single walk allows the diamond property. This needs the sbst_lemma (substitutivity of walks) in the apply case. The proof of the sbst_lemma in turn demands a lemma sbst_sbst_lemma in the apply case. This in turn demands the lemma incr_sbst_lemma1 which in turn demands incr_incr_lemma. In the machine proof these lemmas are developed in the above mentioned order, i.e. sbst_lemma, sbst_sbst_lemma, incr_sbst_lemma1 and incr_incr_lemma. But in the proof presented in lit laMPf lemmas are presented in the reverse order, i.e. in natural deduction style. So the goal directed proof presents a all tic approach since we do not know at the beginning what lemmas are needed for the proof. We start with the goal and prove the lemmas as and when needed.

One more advantage of the proof checking by machine is clear when the proof becomes very big, complex and unwieldy for the humans. The proof of sbst_sbst_lemma for lambda case clearly shows the advantage of having a proof checker at hand.

For the proof of the Church-Rosser not much higher types are needed. The proof could have gone through in a first order system also. The proof of strong normalisation would have shown more clearly the necessity of a higher order system.

One problem with the COC V 4.10 is the parsing stack overflow. The tactics theorem prover does not do the complete type checking. Only after the complete proof is gone through, when we try to save the theorem, the complete type checking is done. At this point many of the large proofs (involving 20 to 30 existential eliminations) resulted in parsing stack overflows. So the bigger proofs have to be broken into small unnatural segments.

We have encountered another difficulty with the induction definition facility. We wanted a recursive definition of sbst operation of type term->nat->term->term. This can not be done using the inductive definition facility. Inductive definition allows the definition of altogether new types. But sbst is an element, not a type. In order to define the sbst we have to define it by the predicate sbst : term->nat->term->term->Prop which is the characteristic function of the substitution.

Future work possible in this direction is to code the proofs of strong normalisation of typed λ-calculus, standardisation theorem and undecidability of the convertibility for pure λ-calculus.




APPENDIX A 
HOW TO USE COC 


When we execute cinnetic- command we enter into CAML interactive mode. This is indicated by the prompt #. In this mode we can verify the proofs contained in constr files by the command

V name of the file

We can enter the Vernacular mode from the CAML mode by typing
The prompt for Vernacular mode is ~>. All the commands of the CAML interactive mode end with double semicolon. All the commands of the Vernacular interactive mode end with the full-stop.

A typical session of the system in Vernacular mode is shown below. The bold text is typed by the user and italic text is the system response. We define inductively the type nat of natural numbers and the relation le of type nat->nat->Prop. Then we prove the lemma that if two numbers are in le relation their successors are also in le. This lemma is needed in the machine proof for proving the properties of de Bruijn indices.

We define nat inductively as:

~>Inductive Data nat = O : nat | S : nat->nat.
nat is defined
O is defined
S is defined
nat_REC is defined
nat_rec is defined

We define relation le inductively as:

~>Inductive Definition le [n:nat] : nat -> Prop
= le_n : (le n n)
~> | le_S : (m:nat)(le n m)->(le n (S m)).
le is defined
le_n is defined
le_S is defined
le_rec is defined
le : nat->nat->Prop
le_n : (n:nat)(le n n)
le_S : (n:nat)(m:nat)(le n m)->(le n (S m))
(n:nat)(x0:nat)(le n x0)->(C:nat->Prop)(C n)->((m:nat)
(le n m)/\(C m)->(C (S m)))->(C x0)

We start proving the lemma by tactics theorem prover by command Goal.

~>Goal (i,j:nat)(le i j)->(le (S i) (S j)).

We make use of intro tactic below.

~>By intros.
1 subgoal
(le (S i) (S j))
============================
H : (le i j)
j : nat
i : nat

~>Pattern j.
1 subgoal
([l:nat](le (S i) (S l)) j)
H : (le i j)
j : nat
i : nat

Pattern j abstracts the present goal with the variable j.

~>Resolve H.
2 subgoals
(le (S i) (S i))
H : (le i j)
j : nat
i : nat
subgoal 2 is:
(m:nat)(le (S i) (S m))->(le (S i) (S (S m)))

~>Resolve le_n.
1 subgoal
(m:nat)(le (S i) (S m))->(le (S i) (S (S m)))
============================
H : (le i j)
j : nat
i : nat

~>By intros.
1 subgoal
(le (S i) (S (S m)))
H0 : (le (S i) (S m))
m : nat
H : (le i j)
j : nat
i : nat

~>Resolve le_S.
1 subgoal
(le (S i) (S m))
============================
H0 : (le (S i) (S m))
m : nat
H : (le i j)
j : nat
i : nat

~>By assumption.
goal proved.

The command Show_proof shows the current completed proof:

~>Show_proof.
[i:nat][j:nat][H:(le i j)](H [l:nat](le (S i) (S l)) (le_n (S i))
[m:nat][H0:(le (S i) (S m))](le_S (S i) (S m) H0))

Save command saves the theorem so far proved for the rest of the session:

~>Save le_means_succ_le.
le_means_succ_le is defined

The command Inspect num prints the last num items.

~>Inspect 2.
le_means_succ_le : (i:nat)(j:nat)(le i j)->(le (S i) (S j))
le_rec : (n:nat)(x0:nat)(le n x0)->(C:nat->Prop)
(C n)->((m:nat)(le n m)/\(C m)->(C (S m)))->(C x0)

That ends the session with the system.

The command Reset After <identifier> resets the system to the state it was in after writing the identifier.

The command Drop completes the Vernacular mode and enters into the CAML mode. The command quit() exits the system from the CAML mode.